Gecko vs Goanna for Thunderbird Independence

[Gervase Markham]

On 13/04/17 23:11, Ben Bucksch wrote:
> there were no less than 250 known critical *1 security holes and 600
> memory corruption bugs that might be exploitable. One critical security
> is already a very serious risk.

How many of those are exploitable if JS is switched off?

I am not saying the cost of forking is zero but we need to acknowledge
that Thunderbird exposes a much-reduced attack surface compared to a web
browser.

Gerv